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REMARKS 

In the non-final Office Action, the Examiner objects to claim 1 due to minor 
informalities; rejects claims 17-21 under 35 U.S.C. § 102(a) as anticipated by SYVANNE et al. 
(European Patent Application Publication No. 1,317,112); rejects claims 1-11 and 22-25 under 
35 U.S.C. § 103(a) as unpatentable over SYVANNE et al. in view of KAVANAGH (U.S. Patent 
Application Publication No. 2003/0081607); and rejects claims 26 and 27 under 35 U.S.C. § 
103(a) as unpatentable over SYVANNE et al. in view of KAVANAGH and GOPAL et al. 
("User Plane Firewall for 3G Mobile Network"; Vehicular Technology Conference; IEEE 58 th ; 
Vol. 3, October 6, 2003). Applicants respectfully traverse these rejections. 1 

By way of the present amendment, Applicants cancel claims 8, 12-21, and 28-31 without 
prejudice or disclaimer and amend claims 1 , 9, and 22 to improve form. No new matter has been 
added by way of the present amendment. Claims 1-7, 9-11, and 22-27 are pending. 

Claims 1 is objected to due to a minor informality. Claim 1 has been amended to correct 
the informality. As such, withdrawal of the objection to claim 1 is respectfully requested. 

Claims 17-21 stand rejected under 35 U.S.C. § 102(a) as allegedly unpatentable over 
SYVANNE et al. Claims 17-21 are canceled, thereby rendering this rejection moot. 

Pending claims 1-7, 9-11, and 22-25 stand rejected under 35 U.S.C. § 103(a) as allegedly 
unpatentable over SYVANNE et al. in view of KAVANAGH. Applicants respectfully traverse 
this rejection. 

Amended claim 1 recites a method of screening incoming packets that includes detecting 
a request to establish a connection from a first network to a packet data network; detecting 

1 As Applicants' remarks with respect to the Examiner's rejections are sufficient to overcome these rejections. 
Applicants' silence as to assertions by the Examiner in the Office Action or certain requirements that may be 
applicable to such rejections (e.g., whether a reference constitutes prior art, motivation to combine reference, 
assertions as to dependent claims, etc.) is not a concession by Applicants that such assertions are accurate or such 
requirements have been met, and Applicants reserve the right to analyze and dispute such assertions/requirements in 
the future. 
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establishment of a tunnel, wherein the tunnel has a support node at each end of the tunnel, one of 
the support nodes being a gateway to the packet data network, wherein the tunnel is used to 
convey user traffic and the user traffic through the tunnel can have one or more associated 
firewall sessions on a firewall outside the tunnel; inspecting packets in the tunnel to detect 
information associated with the firewall sessions; detecting a tear down of the tunnel in response 
to inspecting the packets; and sending a request to the firewall to clear the one or more firewall 
sessions in response to detecting the tear down of the tunnel. SYVANNE et al. and 
KAVANAGH, whether taken alone or in any reasonable combination, do not disclose or suggest 
this combination of features. 

For example, SYVANNE et al. and KAVANAGH do not disclose or suggest detecting a 
tear down of a tunnel in response to inspecting packets in the tunnel to detect information 
associated with firewall sessions. A similar feature was previously presented in claim 8. The 
Examiner admits that SYVANNE et al. does not disclose this feature and relies on paragraphs 
0010 and 0013 of KAVANAGH as allegedly disclosing this feature (Office Action, pp. 6-7). 
Applicants respectfully disagree with the Examiner's interpretation of KAVANAGH. 

At paragraph 0010, KAVANAGH discloses: 

FIG. 3 is a signaling diagram illustrating the GTP control messages utilized to delete a PDP 
Context and tear down a GTP Tunnel. The GTP Tunnel can be torn down by initiating a Detach 
Request 35, by either the operator or the MS 1 1. A mobile-originated detach request is sent to the 
SGSN 15 which, in turn, sends a Delete PDP Context Request message 36 to the GGSN 22. The 
GGSN deletes the PDP Context for this MS and responds with a Delete PDP Context Response 
message 37 to the SGSN. The SGSN sends an International Mobile Station Identifier (IMSI) 
Detach Indication 38 and GPRS Detach Indication 39 to the GGSN. The SGSN then deletes the 
PDP Context, and sends a Detach Accept message 40 to the MS. As a result, the GTP tunnel is 
deleted. 

This section of KAVANAGH discloses the GTP control messages used to tear down a GTP 
Tunnel. This section of KAVANAGH does not disclose or suggest inspecting packets to detect 
information associated with firewalls. In fact, KAVANAGH merely discloses automatically 
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tearing down the tunnel when transmission between two nodes is finished in a known GPRS 
network (paragraph 0007). Therefore, this section of KAVANAGH cannot disclose or suggest 
detecting a tear down of a tunnel in response to inspecting packets in the tunnel to detect 
information associated with firewall sessions, as recited in claim 1. 
At paragraph 0013, KAVANAGH discloses: 

In one aspect, the present invention is directed to a method of filtering data packets in General 
Packet Radio Service (GPRS) Tunneling Protocol (GTP) signaling messages between service 
nodes in a GPRS network. The method includes the steps of analyzing at least one GTP signaling 
message against a plurality of filtering criteria, and responsive to the analyzing step, selectively 
dropping data packets from the GTP signaling message or allowing the packets to pass. The 
analyzing step may include analyzing messages selected from a group consisting of GTP Path 
Management messages, GTP Tunnel Management messages, GTP Mobility Management 
messages, and GTP Location Management messages. The analysis may include the steps of 
verifying that the data packets in the GTP signaling message contain correct source, destination, 
and mask addresses; verifying that the data packets in the GTP signaling message contain User 
Datagram Protocol/Transmission Control Protocol (UDP/TCP) port numbers that are consistent 
with the GTP version number; and inspecting the data packets at the GTP level, layer-5. Based on 
information in the GTP header and accompanying Information Elements (IBs), selected GTP 
packets are dropped. 

This section of KAVANAGH discloses analyzing at least one GTP signaling message against a 
plurality of filtering criteria, and responsive to the analyzing step, selectively dropping data 
packets from the GTP signaling message or allowing the packets to pass. This section of 
KAVANAGH discloses inspecting packets, but does not disclose or suggest inspecting packets 
to detect information associated with firewalls. Therefore, this section of KAVANAGH cannot 
disclose or suggest detecting a tear down of a tunnel in response to inspecting packets in the 
tunnel to detect information associated with firewall sessions, as recited in claim 1. 

For at least the foregoing reasons, Applicants submit that claim 1 is patentable over 
SYVANNE et al. and KAVANAGH, whether taken alone or in any reasonable combination. 

Claims 2-7 and 9-11 depend from claim 1. Therefore, these claims are patentable over 
SYVANNE et al. and KAVANAGH, whether taken alone or in any reasonable combination, for 
at least the reasons given above with respect to claim 1. 
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Amended independent claim 22 recites a system for screening incoming packets, 
comprising: a GTP firewall including a GTP communication module; and a Gi firewall that 
includes: a Gi communication module that is operable to receive an instruction from the GTP 
communication module to tear down a firewall session, a firewall session list, and a tear down 
engine that removes inactive firewall sessions from the firewall session list when the tear down 
engine receives the instruction from the GTP communication module. SYVANNE et al. and 
KAVANAGH, whether taken alone or in any reasonable combination, do not disclose or suggest 
this combination of features. 

For example, SYVANNE et al. and KAVANAGH do not disclose or suggest a Gi 
communication module that is operable to receive an instruction from the GTP communication 
module to tear down a firewall session, a firewall session list, and a tear down engine that 
removes inactive firewall sessions from the firewall session list when the tear down engine 
receives the instruction from the GTP communication module. The Examiner admits that 
SYVANNE et al. does not disclose this feature and relies on paragraph 0010 of KAVANAGH as 
allegedly disclosing this feature (Office Action, pg. 10). Applicants respectfully disagree with 
the Examiner's interpretation of KAVANAGH. 

Paragraph 0010 of KAVANAGH has been reproduced above. This section of 
KAVANAGH discloses the GTP control messages used to tear down a GTP Tunnel. This 
section of KAVANAGH does not mention a Gi communication module that is operable to 
receive an instruction from the GTP communication module to tear down a firewall session or a 
firewall session list. Therefore, this section of KAVANAGH cannot disclose or suggest a Gi 
communication module that is operable to receive an instruction from the GTP communication 
module to tear down a firewall session, a firewall session list, and a tear down engine that 
removes inactive firewall sessions from the firewall session list when the tear down engine 
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receives the instruction from the GTP communication module, as recited in claim 22. In fact, as 
noted above, KAVANAGH merely discloses that, in existing GPRS networks, the GTP-Control 
Plane tears down the tunnel when transmission is finished (paragraph 0007). 

For at least the foregoing reason, Applicants submit that claim 22 is patentable over 
SYVANNE et al. and KAVANAGH, whether taken alone or in any reasonable combination. 

Claims 23-25 depend from claim 22. Therefore, these claims are patentable over 
SYVANNE et al. and KAVANAGH, whether taken alone or in any reasonable combination, for 
at least the reasons given above with respect to claim 22. 

Claims 26 and 27 stand rejected under 35 U.S.C. § 103(a) as allegedly unpatentable over 
SYLVANNE et al. in view of KAVANAGH and GOPAL et al. Applicants respectfully traverse 
this rejection. 

Claims 26 and 27 depend from claim 22. Without acquiescing in the rejection of claims 
26 and 27, Applicants submit that the disclosure of GOPAL et al. does not remedy the 
deficiencies in the disclosures of SYLVANNE et al. and KAVANAGH set forth above with 
respect to claim 22. Therefore, claims 26 and 27 are patentable over SYVANNE et al. and 
KAVANAGH, whether taken alone or in any reasonable combination, for at least the reasons 
given above with respect to claim 22. 

In view of the foregoing amendments and remarks, Applicant respectfully requests the 
Examiner's reconsideration of this application, and the timely allowance of the pending claims. 
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To the extent necessary, a petition for an extension of time under 37 C.F.R. § 1.136 is 
hereby made. Please charge any shortage in fees due in connection with the filing of this paper, 
including extension of time fees, to Deposit Account No. 50-1070 and please credit any excess 
fees to such deposit account. 

Respectfully submitted, 
HARRITY SNYDER, L.L.P. 

By: /Meagan S. Walling, Reg. No. 60.112/ 
Meagan S. Walling 
Reg. No. 60,112 



Date: January 10, 2008 

1 1350 Random Hills Road 
Suite 600 

Fairfax, VA 22030 
Telephone: (571)432-0800 
Facsimile: (571)432-0808 
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